<?php
session_start();
include("../config.php");
$uname = urldecode($_POST['Username']);
$pass = urldecode($_POST['Password']);

if(isset($uname) and isset($pass)){
	$pass = md5($pass);
	$con = @mysql_connect($host,$username,$password) or die(mysql_error());
	@mysql_select_db($db,$con) or die(mysql_error());
	$sql = "SELECT * FROM users WHERE Username = '$uname' AND Password = '$pass' AND (Status = 3 OR Status = 2)";
	$query = mysql_query($sql,$con);
	$count=mysql_num_rows($query);
	if(mysql_num_rows($query)>0) {
		$log = mysql_result($query,0,"Status");
		if ($log == 1) {
			$status = "VIP";
		} elseif ($log == 2) {
			$status = "Admin";	
		} elseif ($log == 3) {
			$status = "Owner";
		}else{
			$status = "N/A";
		};
		$expire=60*60*24*1+time();
		setcookie("Status",$status,$expire,"/");
		setcookie("StatusNum",$log,$expire,"/");
		setcookie("ImOnline", "yes",$expire,"/");
		setcookie("Username",$uname ,$expire,"/");
		header( 'Location: ../home.php' );
	}else{
		header( 'Location: ../index.php?error=Wrong username, password or no access!' );
	};
	mysql_close($con);
	};  
?>